package de.mhus.lib.core.shiro;

import de.mhus.lib.core.M;
import de.mhus.lib.core.MFile;
import de.mhus.lib.core.MPassword;
import de.mhus.lib.core.MProperties;
import de.mhus.lib.core.MString;
import de.mhus.lib.core.MXml;
import de.mhus.lib.core.logging.Log;
import java.io.File;
import java.io.IOException;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import javax.xml.parsers.ParserConfigurationException;
import org.apache.shiro.ShiroException;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.BearerToken;
import org.apache.shiro.authc.ExpiredCredentialsException;
import org.apache.shiro.authc.LockedAccountException;
import org.apache.shiro.authc.SimpleAccount;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.Permission;
import org.apache.shiro.authz.SimpleRole;
import org.apache.shiro.authz.permission.WildcardPermission;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.util.PermissionUtils;
import org.w3c.dom.Element;
import org.xml.sax.SAXException;

/* loaded from: input_file:de/mhus/lib/core/shiro/FileSourceRealm.class */
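/**
 * Shiro realm that loads accounts, roles and per-user data from plain files below a
 * configurable resources directory ({@code <resourcesPath>/users} and
 * {@code <resourcesPath>/roles}).
 *
 * <p>File formats, as read by this class:
 * <ul>
 *   <li>{@code users/<name>.txt}: first line is the stored credential, every following
 *       non-empty line that does not start with {@code #} is a role name.</li>
 *   <li>{@code users/<name>.xml}: root attribute {@code password} (passed through
 *       {@code MPassword.decode}) and {@code roles/role} elements.</li>
 *   <li>{@code users/<name>.properties} or the data section of {@code users/<name>.xml}:
 *       free-form user data returned by {@link #getUserData(Subject)}.</li>
 *   <li>{@code roles/<name>.txt}: one permission string per line; {@code roles/<name>.xml}:
 *       {@code perms/perm} elements.</li>
 * </ul>
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>Account and role names reach this class from login requests and token subjects and
 *       become part of a file name. Every lookup goes through
 *       {@link #directChild(File, String, String)}, which refuses names that would not resolve
 *       to a direct child of the target directory.</li>
 *   <li>NOTE(review): the credential is handed to Shiro exactly as stored (or as returned by
 *       {@code MPassword.decode}); whether it is a hash or clear text, and how it is compared,
 *       is decided by {@code CombiCredentialsMatcher} / {@code MPassword}, which are not
 *       visible here. The user and role directories should be readable only by the service
 *       account.</li>
 *   <li>NOTE(review): XML files are parsed with {@code MXml.loadXml}; confirm that parser
 *       disables DTDs and external entities if these files can be written by anyone other
 *       than the administrator.</li>
 * </ul>
 */
public class FileSourceRealm extends AuthorizingRealm implements PrincipalDataRealm, BearerRealm {
    private static final Log log = Log.getLog(FileSourceRealm.class);
    private String resourcesPath;
    private File userDir;
    private File rolesDir;
    private String defaultRole;
    private boolean debugPermissions;
    private String rolePermission;

    /** Creates the realm and installs {@code CombiCredentialsMatcher} as credentials matcher. */
    public FileSourceRealm() {
        setCredentialsMatcher(new CombiCredentialsMatcher());
    }

    /** Derives the {@code users} and {@code roles} directories from the configured resources path. */
    @Override
    protected void onInit() {
        this.userDir = new File(this.resourcesPath + File.separator + "users");
        this.rolesDir = new File(this.resourcesPath + File.separator + "roles");
        super.onInit();
    }

    /**
     * Returns the account of the available principal; the account object carries the roles
     * and permissions collected by {@link #getUser(String)}. May be {@code null} if the user
     * file no longer exists or cannot be read.
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        return getUser(getUsername(principalCollection));
    }

    /** Accepts bearer tokens in addition to whatever token types the superclass supports. */
    @Override
    public boolean supports(AuthenticationToken authenticationToken) {
        if (authenticationToken instanceof BearerToken) {
            return true;
        }
        return super.supports(authenticationToken);
    }

    /**
     * Resolves the account named by a username/password token or by the subject of a bearer token.
     *
     * @return the account, or {@code null} when the token type is not handled or no account
     *     file can be loaded for the name
     * @throws LockedAccountException if the loaded account is locked
     * @throws ExpiredCredentialsException if the credentials of the loaded account are expired
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        String username = null;
        if (authenticationToken instanceof UsernamePasswordToken) {
            username = ((UsernamePasswordToken) authenticationToken).getUsername();
        } else if (authenticationToken instanceof BearerToken) {
            // NOTE(review): the subject is trusted as returned by JwtProvider.readToken; signature
            // and expiry checks are assumed to happen there and/or in CombiCredentialsMatcher.
            // Neither is visible here, so confirm before relying on it.
            username = ((JwtProvider) M.l(JwtProvider.class)).readToken(((BearerToken) authenticationToken).getToken()).getSubject();
        }
        if (username == null) {
            return null;
        }
        SimpleAccount user = getUser(username);
        if (user == null) {
            return null;
        }
        if (user.isLocked()) {
            throw new LockedAccountException("Account [" + user + "] is locked.");
        }
        if (user.isCredentialsExpired()) {
            throw new ExpiredCredentialsException("The credentials for account [" + user + "] are expired");
        }
        return user;
    }

    /** Returns the string form of the principal selected by {@code getAvailablePrincipal}. */
    protected String getUsername(PrincipalCollection principalCollection) {
        return getAvailablePrincipal(principalCollection).toString();
    }

    /**
     * Loads an account from {@code users/<name>.txt} or, if that does not exist, from
     * {@code users/<name>.xml}.
     *
     * <p>Roles that cannot be loaded through {@link #getRole(String)} are skipped silently.
     * NOTE(review): the default role is added to .txt accounts only; XML accounts do not
     * receive it. Confirm that this asymmetry is intended.
     *
     * @param str account name as supplied by the caller (untrusted)
     * @return the account with roles and permissions attached, or {@code null} if no file
     *     exists, the name is rejected, the file is empty or it cannot be read/parsed
     */
    protected SimpleAccount getUser(String str) {
        try {
            File txtFile = directChild(this.userDir, str, ".txt");
            if (txtFile != null && txtFile.isFile()) {
                log.d("load user", str, "txt");
                List<String> lines = MFile.readLines(txtFile, false);
                if (lines == null || lines.isEmpty()) {
                    // An empty account file has no credential line. Treat it as "no such user"
                    // instead of failing the login with an IndexOutOfBoundsException.
                    log.d("user file is empty", str);
                    return null;
                }
                String storedCredential = lines.get(0);
                SimpleAccount account = new SimpleAccount(str, storedCredential, getName());
                account.setCredentials(storedCredential);
                for (String line : lines.subList(1, lines.size())) {
                    String roleName = line.trim();
                    if (!MString.isEmpty(roleName) && !roleName.startsWith("#")) {
                        grantRole(account, roleName);
                    }
                }
                if (MString.isSet(this.defaultRole)) {
                    grantRole(account, this.defaultRole);
                }
                return account;
            }

            File xmlFile = directChild(this.userDir, str, ".xml");
            if (xmlFile == null || !xmlFile.isFile()) {
                log.d("user not found", str);
                return null;
            }
            log.d("load user", str, "xml");
            Element root = MXml.loadXml(xmlFile).getDocumentElement();
            String decoded = MPassword.decode(root.getAttribute("password"));
            SimpleAccount account = new SimpleAccount(str, decoded, getName());
            account.setCredentials(decoded);
            Element rolesElement = MXml.getElementByPath(root, "roles");
            if (rolesElement != null) {
                Iterator<Element> roleElements = MXml.getLocalElementIterator(rolesElement, "role").iterator();
                while (roleElements.hasNext()) {
                    String roleName = MXml.getValue(roleElements.next(), false);
                    if (MString.isSet(roleName)) {
                        grantRole(account, roleName);
                    }
                }
            }
            return account;
        } catch (IOException | ParserConfigurationException | SAXException e) {
            // Unreadable or malformed account files are reported as "unknown user".
            log.d(str, e);
            return null;
        }
    }

    /**
     * Loads a role from {@code roles/<name>.txt} or, if that does not exist, from
     * {@code roles/<name>.xml}, and resolves its permission strings with the realm's
     * permission resolver.
     *
     * @param str role name
     * @return the role, or {@code null} if no file exists, the name is rejected or the file
     *     cannot be read/parsed
     */
    public SimpleRole getRole(String str) {
        try {
            File txtFile = directChild(this.rolesDir, str, ".txt");
            if (txtFile != null && txtFile.isFile()) {
                log.d("load role", str, "txt");
                SimpleRole role = new SimpleRole(str);
                HashSet<String> permissionStrings = new HashSet<>();
                for (String line : MFile.readLines(txtFile, false)) {
                    String permission = line.trim();
                    if (!MString.isEmpty(permission) && !permission.startsWith("#")) {
                        permissionStrings.add(permission);
                    }
                }
                role.setPermissions(PermissionUtils.resolvePermissions(permissionStrings, getPermissionResolver()));
                return role;
            }

            File xmlFile = directChild(this.rolesDir, str, ".xml");
            if (xmlFile == null || !xmlFile.isFile()) {
                log.d("role not found", str);
                return null;
            }
            log.d("load role", str, "xml");
            Element root = MXml.loadXml(xmlFile).getDocumentElement();
            SimpleRole role = new SimpleRole(str);
            Element permsElement = MXml.getElementByPath(root, "perms");
            if (permsElement != null) {
                HashSet<String> permissionStrings = new HashSet<>();
                Iterator<Element> permElements = MXml.getLocalElementIterator(permsElement, "perm").iterator();
                while (permElements.hasNext()) {
                    String permission = MXml.getValue(permElements.next(), false);
                    if (MString.isSet(permission)) {
                        permissionStrings.add(permission);
                    }
                }
                role.setPermissions(PermissionUtils.resolvePermissions(permissionStrings, getPermissionResolver()));
            }
            return role;
        } catch (IOException | ParserConfigurationException | SAXException e) {
            log.d(str, e);
            return null;
        }
    }

    public String getResourcesPath() {
        return this.resourcesPath;
    }

    /** Sets the base directory; it is only evaluated in {@link #onInit()}. */
    public void setResourcesPath(String str) {
        this.resourcesPath = str;
    }

    /**
     * Returns the free-form data stored for the subject's principal, read from
     * {@code users/<name>.properties} or from the data section of {@code users/<name>.xml}.
     *
     * @return key/value data, or {@code null} if no data is stored, the name is rejected or
     *     loading fails (every exception raised while loading is logged and swallowed)
     */
    @Override // de.mhus.lib.core.shiro.PrincipalDataRealm
    public Map<String, String> getUserData(Subject subject) {
        String principal = AccessUtil.getPrincipal(subject);
        try {
            File propertiesFile = directChild(this.userDir, principal, ".properties");
            if (propertiesFile != null && propertiesFile.isFile()) {
                log.d("load data", principal, "properties");
                MProperties properties = MProperties.load(propertiesFile);
                HashMap<String, String> data = new HashMap<>();
                for (Map.Entry<String, Object> entry : properties.entrySet()) {
                    data.put(entry.getKey(), String.valueOf(entry.getValue()));
                }
                return data;
            }

            File xmlFile = directChild(this.userDir, principal, ".xml");
            if (xmlFile == null || !xmlFile.isFile()) {
                return null;
            }
            log.d("load data", principal, "xml");
            Element dataElement = MXml.getElementByPath(MXml.loadXml(xmlFile).getDocumentElement(), IniDataRealm.DATA_SECTION_NAME);
            if (dataElement == null) {
                return null;
            }
            HashMap<String, String> data = new HashMap<>();
            Iterator<Element> children = MXml.getLocalElementIterator(dataElement).iterator();
            while (children.hasNext()) {
                Element child = children.next();
                data.put(child.getNodeName(), MXml.getValue(child, false));
            }
            return data;
        } catch (Exception e) {
            // Deliberately broad: user data is optional and must never break the caller.
            log.d(principal, e);
            return null;
        }
    }

    public String getDefaultRole() {
        return this.defaultRole;
    }

    public void setDefaultRole(String str) {
        this.defaultRole = str;
    }

    /**
     * Delegates to the superclass and, when permission debugging is enabled, logs every denial.
     */
    @Override
    protected boolean isPermitted(Permission permission, AuthorizationInfo authorizationInfo) {
        boolean permitted = super.isPermitted(permission, authorizationInfo);
        if (!permitted && this.debugPermissions) {
            log.d("perm access denied", AccessUtil.CURRENT_PRINCIPAL, permission);
        }
        return permitted;
    }

    /**
     * Checks a role. When a role permission prefix is configured, holding the permission
     * {@code <rolePermission>:*:<role>} counts as having the role; otherwise the superclass
     * decides. Denials are logged when permission debugging is enabled.
     */
    @Override
    protected boolean hasRole(String str, AuthorizationInfo authorizationInfo) {
        if (this.rolePermission != null && isPermitted(new WildcardPermission(this.rolePermission + ":*:" + str), authorizationInfo)) {
            return true;
        }
        boolean granted = super.hasRole(str, authorizationInfo);
        if (!granted && this.debugPermissions) {
            log.d("role access denied", AccessUtil.CURRENT_PRINCIPAL, str);
        }
        return granted;
    }

    public boolean isDebugPermissions() {
        return this.debugPermissions;
    }

    public void setDebugPermissions(boolean z) {
        this.debugPermissions = z;
    }

    public String getRolePermission() {
        return this.rolePermission;
    }

    public void setRolePermission(String str) {
        this.rolePermission = str;
    }

    /**
     * Issues a bearer token for the subject's principal through {@code JwtProvider}.
     *
     * <p>NOTE(review): the existence check looks for {@code <name>.properties} or
     * {@code <name>.xml}, while {@link #getUser(String)} authenticates against
     * {@code <name>.txt} or {@code <name>.xml}. An account defined only by a .txt file is
     * therefore rejected here, and a principal that has only a .properties data file passes
     * this check. Confirm which set of files is meant to define a known account.
     *
     * @throws UnknownAccountException if neither file exists for the principal
     */
    @Override // de.mhus.lib.core.shiro.BearerRealm
    public String createBearerToken(Subject subject, String str, BearerConfiguration bearerConfiguration) throws ShiroException {
        String principal = AccessUtil.getPrincipal(subject);
        File propertiesFile = directChild(this.userDir, principal, ".properties");
        File xmlFile = directChild(this.userDir, principal, ".xml");
        boolean known = (propertiesFile != null && propertiesFile.isFile()) || (xmlFile != null && xmlFile.isFile());
        if (known) {
            return ((JwtProvider) M.l(JwtProvider.class)).createBearerToken(principal, str, bearerConfiguration);
        }
        throw new UnknownAccountException("User unknown: " + principal);
    }

    /** Adds the role and its permissions to the account if the role can be loaded. */
    private void grantRole(SimpleAccount account, String roleName) {
        SimpleRole role = getRole(roleName);
        if (role != null) {
            account.addRole(roleName);
            account.addObjectPermissions(role.getPermissions());
        }
    }

    /**
     * Builds the file {@code dir/<normalized name><extension>} and refuses any name that
     * would not be a direct child of {@code dir}.
     *
     * <p>This is defence in depth on top of {@code MFile.normalize}, whose behaviour is not
     * visible here. If the normalized name still contains a path separator or a drive
     * prefix, no file is returned, so a crafted account or role name cannot address files
     * outside the users/roles directories.
     *
     * @return the file, or {@code null} if the name is rejected
     */
    private static File directChild(File dir, String name, String extension) {
        String leaf = MFile.normalize(name) + extension;
        // File.getName() returns the last path element only; any difference means the
        // leaf contains directory components.
        if (!leaf.equals(new File(leaf).getName())) {
            log.d("file name rejected", name);
            return null;
        }
        return new File(dir, leaf);
    }
}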
